USE OF A NUMERICAL ANALYTICAL MODEL FOR ASSESSING THE FUNCTIONAL EFFECTIVENESS OF AN INFORMATION PROTECTION SYSTEM BY ANALYSING ITS PROBABILISTIC-TEMPORAL CHARACTERISTICS

Abstract. Aim Currently, the implementation of computational experiments to determine the probabilistic-temporal characteristics of protection functions for automated information systems is a complex and costly task. In order to study the dynamics of transitions between the states of this type of system, it is necessary to develop a mathematical model and an algorithm for computing the corresponding characteristics.

Method. To achieve this goal, a mathematical model of the information security system was developed in the MATLAB software environment. The main advantages of this software environment consist in a high level of visualisation, the ability to modify models to analyse other systems of this type and the availability of integration tools with other software products.

Results. The article presents a numerical and analytical model of a system for protecting information from unauthorised access. The functional dynamics of the system are described using a stochastic Petri net. In order to solve the integral equations and determine the probabilities of reaching the final state in a given time, the Laplace transform is used. The solution is carried out in an analytical mode to obtain an explicit form of the dependences of the probability-time characteristics of the system on the probabilities of transitions between states and the average times the system stays in each state. The paper presents the results of calculating the probability-time characteristics of the “Turning on the personal computer and user identification” subsystem of the “Guard NT” system for preventing unauthorised access to information.

Conclusion. The developed model, which can be used to study the dynamics of transitions between states of an information protection system against unauthorised access in an automated system, as well as to optimise the time it takes to complete functional tasks, can also be used to improve the operational efficiency of these systems.

1. Schneier B. We Have Root: Even More Advice from Schneier on Security / B. Schneier. - Wiley, 2019 . 304 p.

2. GOST R ISO/MEK 15408-2-2013. Informatsionnaya tekhnologiya. Metody i sredstva obespeche-niya bezopasnosti. Kriterii otsenki bezopasnosti informatsionnykh tekhnologiy. CH. 2: Funktsional'nyye komponenty bezopasnosti [Elektronnyy resurs]. — URL:http://docs.cntd.ru/document/ 1200105710 (data obrashcheniya 18.10.2019). [GOST R ISO / IEC 15408-2-2013. Information tech-nology. Methods and means of ensuring safety. Criteria for assessing the security of information technology. Part 2: Functional compo-nents of security [Electronic resource]. - URL: http: //docs.cntd.ru/document/ 1200105710 (accessed October 18, 2019) (In Russ.)]

3. GOST R 51583-2014. Natsional'nyy standart Rossiyskoy Federatsii. Zashchita informatsii. Po-ryadok sozdaniya avtoma-tizirovannykh sistem v zashchishchonnom ispolnenii [Elektronnyy resurs]. — URL:http://docs.cntd.ru/document/1200108858 (data obrashcheniya: 11.10.2019). [GOST R 51583-2014. National standard of the Russian Federation. Protection of information. The order of creating automated systems in a secure execution [Electronic resource]. - URL: http: //docs.cntd.ru/document/1200108858 (accessed date: 10/11/2019) (In Russ.)]

4. FSTEK RF. Rukovodyashchiy dokument. Avtomatizirovannyye sistemy. Zashchita ot nesanktsioniro-vannogo dostupa k in-formatsii. Klassifikatsiya avtomatizirovannykh sistem i trebovaniya po zashchite in-formatsii [Elektronnyy resurs]. — URL: https://fstec.ru/tekhnicheskaya-zashchita-informatsii/dokumenty/114-spetsialnye-normativnye-dokumenty/384-rukovodyashchij-dokument-reshenie-predsedatelya-gostekhkomissii-rossii-ot-30-marta-1992-g (data obrashcheniya 14.10.2019). [FSTEC of the Russian Federation. Guidance document. Automated systems. Protection against unauthorized access to information. Classification of automated systems and requirements for the protection of information [Electronic resource]. - URL: https://fstec.ru/tekhnicheskaya-zashchita-informatsii/dokumenty/114-spetsialnye-normativnye-dokumenty/384-rukovodyashchij-dokument-reshenie-predsedatelya-gostekhkomissii-rossii-ot-30-artghartomhii (circulation date 10/14/2019(In Russ.)]

5. FSTEK RF. Rukovodyashchiy dokument. Kontseptsiya zashchity sredstv vychislitel'noy tekhniki i av-tomatizirovannykh sis-tem ot nesanktsionirovannogo dostupa k informatsii [Elektronnyy resurs]. — URL:http://fstec.ru/component/attachments/ / 299 (data obrashcheniya: 18.10.2019). [FSTEC of the Russian Federation. Guidance document. The concept of protecting computer equipment and automated systems from unauthorized access to information [Electronic resource]. - URL: http: //fstec.ru/component/attachments/ / 299 (accessed: 10/18/2019(In Russ.)]

6. FSTEK RF. Rukovodyashchiy dokument. Sredstva vychislitel'noy tekhniki. Zashchita ot nesanktsio-nirovannogo dostupa k informatsii. Pokazateli zashchishchennosti ot nesanktsionirovannogo dostupa k in-formatsii [Elektronnyy resurs].URL:http:// fstec.ru/tekhnicheskaya-zashchita-informatsii/dokumenty/114-spetsialnye-normativnye-dokumenty/383-rukovodyashchij-dokument-reshenie-predsedatelya-gostekhkomissii-rossii-ot-25-iyulya-1997-g (data obrashcheniya: 11.10.2019). [FSTEC of the Russian Federa-tion. Guidance document. Computer facilities. Protection against unauthorized access to information. Indicators of security against unau-thorized access to information [Electronic resource]. - URL: http: // fstec.ru/tekhnicheskaya-zashchita-informatsii/dokumenty/114-spetsialnye-normativnye-dokumenty/383-rukovodyashchij-dokument-reshenie-predsedatelya-gostekhkomissii-rossii-ot-25-iyu-giyuy (Date of treatment: 10/11/2019(In Russ.)]

7. Rukovodyashchiy dokument Gosudarstvennoy tekhnicheskoy komissii ot 30 iyunya 1992 goda. Zashchita ot nesanktsion-irovannogo dostupa k informatsii. Terminy i opredeleniya. [Elektronnyy resurs]. — URL:https://fstec.ru/component/attachments/ down-load/298 (data obrashcheniya: 10.11.2019). [Guidance document of the State Technical Commission of June 30, 1992. Protection against unauthorized access to information. Terms and Definitions. [Electronic resource]. - URL: https: //fstec.ru/component/attachments/ download / 298 (accessed: 11/10/2019) (In Russ.)]

8. Xin Z. Research on effectiveness evaluation of the mission-critical system / Z. Xin, M. Shaojie, Z. Fang // Proceedings of 2013 2nd International Conference on Measurement, Information and Control. - 2013 pp. 869-873.

9. Maximizing Uptime of Critical Systems in Commercial and Industrial Applications VAVR-8K4TVA_R1_EN.pdf [Electronic resource]. - URL: https: //download.schneider-eletric.com/files? P_Doc_Ref = SPD_VAVR-8K4TVA_EN (accessed: 10.24.2019).

10. Kresimir S., The information systems' security level assessment model based on an ontology and evidential reasoning ap-proach / S. Kresimir, O. Hrvoje, G. Marin // Computers & Security. 2015. pp. 100-112.

11. Effectiveness Evaluation on Cyberspace Security Defense System / L. Yun [et ol.] // International Conference on Network and Information Systems for Computers (IEEE Conference Publications). - 2015 . pp. 576-579.

12. Metody i sredstva otsenki effektivnosti podsistemy zashchity konfidentsial'nogo informa-tsionnogo resursa pri yeye proyek-tirovanii v sistemakh elektronnogo dokumentooborota: monografiya / P.V. Zinov'yev, I.I. Zastrozhnov, Ye.A. Rogozin. — Voronezh: Voronezh. gos. tekhn. un-t, 2015. — 106 s. [Methods and means of assessing the effectiveness of the protection subsystem of a confi-dential information resource during its design in electronic document management systems: monograph / P.V. Zinoviev, I.I. Zastrozh-nov, E.A. Rogozin. - Voronezh: Voronezh. state tech. Univ., 2015 . 106 p. (In Russ.)]

13. Piterson D.ZH. Teoriya setey Petri i modelirovaniye sistem / D.ZH. Piterson: per. s angl. — M.: Mir, 1984. — 264 s. [Peter-son D.J. The theory of Petri nets and system modeling / D.Zh. Peterson: Per. from English - M .: Mir, 1984. 264 p. (In Russ.)]

14. Kotov V.Ye. Seti Petri / V.Ye. Kotov. M.: Nauka. Glavnaya redaktsiya fiziko-matematicheskoy literatury, 1984. 160 s. [Ko-tov V.E. Petri nets / V.E. Kotov. M .: Science. The main edition of the physical and mathematical literature, 1984. 160 p. (In Russ.)]

15. Charaf N. A colored Petri-net model for control execution of distributed systems / H. Charaf, S. Azzouzi // 4th International Conference on Control, Decision and Information Technologies (CoDIT). 2017 pp. 277-282.

16. Network security analyzing and modeling based on Petri net and Attack tree for SDN / Y. Linyuan [and others] // 2016 In-ternational Conference on Computing, Networking and Communications (ICNC) 2016 pp. 133-187.

17. Leonov G.A. Sovremennyye metody simvol'nykh vychisleniy: lyapunovskiye velichiny i 16-ya pro-blema Gil'berta / G.A. Leonov, N.V. Kuznetsov, Ye.V. Kudryashova, O.A. Kuznetsova // Trudy SPIIRAN. 2021. № 16 (1). S. 5-36. [Leonov G.A. Modern methods of symbolic calculations: Lyapunov quantities and the 16th Hilbert problem / G.A. Leonov, N.V. Kuznetsov, E.V. Kudryasho-va, O.A. Kuznetsova // Transactions of SPIIRAS. 2021. No. 16 (1). pp. 5-36. (In Russ.)]

18. Bubnov V.P. Osobennosti programmnoy realizatsii chislenno-analiticheskogo metoda raschota modeley nestatsionarnykh sistem obsluzhivaniya / V.P. Bubnov, A.S. Yeremin, S.A. Sergeyev // Trudy SPI-IRAN. 2015. № 38 (1). S. 218-232. [Bubnov V.P. Features of software implementation of a numerical-analytical method for calculating models of non-stationary service systems / V.P. Bubnov, A.S. Eremin, S.A. Sergeev // Transactions of SPI-IRAN. 2015. No. 38 (1). pp. 218-232. (In Russ.)]

19. Popov A.D. Model' funktsionirovaniya tipovoy sistemy zashchity informatsii ot nesanktsioni-rovannogo dostupa v avtoma-tizirovannykh informatsionnykh sistemakh OVD / Ye.A. Rogozin, A.D. Popov // Vestnik Voronezh. in-ta MVD Rossii. 2016. № 4. S. 122-132. [Popov A.D. The model of functioning of a typical system for protecting information from unauthorized access in automated information systems ATS / E.A. Rogozin, A.D. Popov // Bulletin of Voronezh. Institute of the Ministry of Internal Affairs of Russia. 2016. No. 4. pp. 122-132. (In Russ.)]

20. Drovnikova I.G. Chislennyye metody raschota pokazatelya effektivnosti vspomogatel'noy pod-sistemy v sisteme elektron-nogo dokumentooborota / I.G. Drovnikova, P.V. Zinov'yev, Ye.A. Rogozin // Vestnik Voronezh. in-ta MVD Rossii. 2016. №. 4. S. 114–120. [Drovnikova I.G. Numerical methods for calculating the performance indicator of the auxiliary sub-system in the electronic document management system / I.G. Drovnikova, P.V. Zinoviev, E.A. Rogozin // TBulletin of Voronezh. Institute of the Ministry of Internal Affairs of Russia. 201. No. 4. pp. 114–120. (In Russ.)]

21. Tikhonov V.I. Markovskiye protsessy / V.I. Tikhonov, M.A. Mironov. M.: Sov. radio, 1977. [Tikhonov V.I. Markov pro-cesses / V.I. Tikhonov, M.A. Mironov. M .: Owls. radio, 1977. (In Russ.)]

22. O gosudarstvennoy tayne: zakon Rossiyskoy Federatsii ot 21.07.1993 № 5485-1 (v red. ot 08.03.2015) // SPS «Konsul'tant Plyus» (data obrashcheniya: 14.11.2019). [On state secret: the law of the Russian Federation of July 21, 1993 No. 5485-1 (as amended on March 8, 2015) // ATP “Consultant Plus” (appeal date: November 14, 2019) (In Russ.)]

23. Popov A.D. Chislennyy metod otsenki effektivnosti sistem zashchity informatsii ot nesanktsi-onirovannogo dostupa v avtomatizirovannykh informatsionnykh sistemakh / A.D. Popov // Pro-blemy obespecheniya nadezhnosti i kachestva priborov, ustroystv i sistem: mezhvuz. sb. nauch. tr. Voronezh: FGBOU VO «Voronezhskiy gosudarstvennyy tekhnicheskiy universitet», 2018. S. 53-62. [Popov A.D. A numerical method for evaluating the effectiveness of information protection systems against unauthorized access in au-tomated information systems / A.D. Popov // Problems of ensuring the reliability and quality of devices, devices and systems: interuni-versity. Sat scientific tr Voronezh: Voronezh State Technical University, 2018. pp. 53-62 (In Russ.)]

24. Amosov A.A. Vychislitel'nyye metody dlya inzhenerov / A.A. Amosov, YU.A. Dubinskiy, N.V. Kopchenova. M.: Vyssha-ya shkola, 1994. 544s. [Amosov A.A. Computational methods for engineers / A.A. Amosov, Yu.A. Dubinsky, N.V. Kopchenova. M.: Higher School, 1994.544 p. (In Russ.)]

25. Razrabotka imitatsionnoy modeli sistemy zashchity informatsii ot nesanktsionirovannogo do-stupa s ispol'zovaniyem pro-grammnoy sredy CPN Tools / Bokova O.I. [i dr.] // Bezopasnost' in-formatsionnykh tekhnologiy =IT Security. Tom 26. 2019. № 3. S. 80-89. [Development of a simulation model of a system for protecting information from unauthorized access using the CPN Tools soft-ware environment / Bokova OI [et al.] // Security of information technology = IT Security. Volume 26. 2019. No. 3. pp. 80-89. (In Russ.)]